Layer 2 resolution

Mar 31st, 2009

If there is a layer 3 device connected to another layer 3 device & if there is a physical unit change made on one of them, shouldn't the MAC address clear itself after the aging period & reflect the new device's physical address? Do we really need to clear the MAC manually from the other device? Just part of a replacement coming up next week, so just making sure every problem area is checked upon.


Jon Marshall Tue, 03/31/2009 - 07:44

Yes it will age out but you may not want to wait that long to make sure the new device is functioning properly.

So you may well be better off clearing the arp caches, mac-address tables.


lamav Tue, 03/31/2009 - 07:54

Jon is right.

But there are instances in which the new device that takes over the IP/MAC address for the failed one will send a gratuitous ARP to announce its presence to the network.

That ARP response will be broadcast to the entire Layer 2 segment.



suthomas1 Tue, 03/31/2009 - 08:10

If I am correct, the ARP timeout is when the takeover to new layer3/layer2 info is being done... the static unchanged device would time out the current entries for the old device & use the new ones?

How is gratuitous different from normal learning?

Any possible reasons that would have the unchanged device unable to relearn the new entries?

lamav Tue, 03/31/2009 - 08:19

Gratuitous means that the ARP announcement was made by the new device without being requested in an ARP request, as is done in "normal learning." Hence, it is gratuitous.

Keep in mind that the gratuitous ARP will also be used by inter-connecting layer 2 switches to update their CAM tables. The switches will learn that to get to the failover MAC address, they will have to forward traffic out another port. Remember, the switch learns new MAC addresses as it receives traffic on its ports. So, when the new L3 device sends out the grat. ARP, the switch will "learn" that the source MAC address can now be learned from a new port.

"Any possible reasons that would have the unchanged device unable to relearn the new entries?"

Sometimes security appliances do not respond well to grat. ARPs for fear that it is part of some sort of attack. In that case, the ARP cache will have to time out or you will have to manually clear it.
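The behaviour described in this reply, as an added example that is not part of the original thread or any vendor's code: it parses ARP frames, marks one as gratuitous when the sender and target IP are equal, and shows how a device that distrusts gratuitous ARP keeps the stale IP-to-MAC entry until it times out or is cleared. The function names, the `trust_gratuitous` switch, and the addresses are assumptions constructed for illustration.

```python
import struct

BCAST = b"\xff" * 6

def build_arp(src_mac, op, spa, tpa, dst_mac=BCAST):
    """Build an Ethernet II + ARP frame (constructed sample input)."""
    eth = dst_mac + src_mac + struct.pack("!H", 0x0806)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    return eth + arp + src_mac + spa + b"\x00" * 6 + tpa

def parse_arp(frame):
    """Return the ARP fields of an IPv4-over-Ethernet ARP frame, else None."""
    if len(frame) < 42:
        return None
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(
        "!HHBBH6s4s6s4s", frame[14:42])
    if ethertype != 0x0806 or (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return {"src": src, "op": op, "sha": sha, "spa": spa, "tpa": tpa}

def observe(frame, table, trust_gratuitous=True):
    """Update the IP->MAC `table`; return (is_gratuitous, verdict)."""
    arp = parse_arp(frame)
    if arp is None:
        return (False, "not-arp")
    gratuitous = arp["spa"] == arp["tpa"]   # sender announces its own IP
    if arp["src"] != arp["sha"]:
        return (gratuitous, "mismatch")      # Ethernet source != ARP sender MAC
    known = table.get(arp["spa"])
    if known is not None and known != arp["sha"]:
        if gratuitous and not trust_gratuitous:
            return (gratuitous, "moved-ignored")  # stale entry kept until timeout/clear
        table[arp["spa"]] = arp["sha"]
        return (gratuitous, "moved")         # same IP, new MAC: replacement or spoof
    table[arp["spa"]] = arp["sha"]
    return (gratuitous, "new" if known is None else "refresh")

# Constructed sample: B is replaced by C, which takes over B's IP address.
IP_B, IP_A = bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])
MAC_A, MAC_B, MAC_C = (bytes.fromhex("02000000000" + c) for c in "abc")
B_REPLY = build_arp(MAC_B, 2, IP_B, IP_A, dst_mac=MAC_A)  # normal solicited reply
C_GRAT = build_arp(MAC_C, 2, IP_B, IP_B)                  # gratuitous, broadcast

if __name__ == "__main__":
    strict = {}
    print(observe(B_REPLY, strict), observe(C_GRAT, strict, trust_gratuitous=False))
```

A "moved" verdict is the same observation whether the cause is a planned hardware swap or an unexpected claim on the address, which is why it is worth logging around a replacement window.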



suthomas1 Tue, 03/31/2009 - 09:08

That helped a if the A connects to B & I replace B with new device C.. C would possibly send out grat ARP & A should learn that removing the old entries.

Is the problem with all security appliances or specific ones, and any peculiar reasons apart from attack that A would learn/relearn the new address for security app C even after timeout?


